I still can't believe something like Dropcam is such a huge success. The level of security awareness the general public has is terrifyingly small, and companies are taking advantage of it to produce brickable devices. It is the legal variant of ransomware...They can hold your data hostage for any reason and at any time. You're completely at their mercy, with regard to pricing and availability, and you have to trust they won't fall on hard times, or get tired of running the service.
This is the next front in the battle for electronic freedom, and lots of folks (even nerds) don't seem to realize it.
To your point about it being a brickable device... I figured by the time the product was "bricked" (e.g. company going bust, product end-of-life, etc), that the hardware would be so out of date that it'd be time to replace it anyway.
With that said... after Nest acquired them, there's been no new meaningful features, no decrease in price, no new camera features, etc. I cancelled the "DVR" plan and will be finding an alternate system later this year.
I read the box. It listed a bunch of cool features. I bought it.
Nowhere on the box did it say, "We will keep all of your video and there is no way for you to use this device without Dropcam.com acting as an intermediary." I'm sure if I'd read some reviews, it would have been more clear to me what I was buying. But, I've bought cameras in this category before (first one I bought was a Panasonic Petcam about a decade ago, which worked wonderfully for many years, and didn't have the ability to hold my data for ransom), and never had one of them be this...um...useless, without the service associated with it. My expectation as a consumer of these kinds of devices was not, at all, met by what Dropcam is.
So, yes, I was ignorant of how Dropcam worked; but that ignorance was fostered by omission of key information on the Dropcam packaging.
"With that said... after Nest acquired them, there's been no new meaningful features, no decrease in price, no new camera features, etc. I cancelled the "DVR" plan and will be finding an alternate system later this year."
So...we're agreed, then, that you are at their mercy. You just have a much more forgiving attitude about their practices than I do. I consider it unethical (particularly the misleading copy on their packaging, but the general case of a device being ransomware, as well). Obviously, I'm not in the majority, since Dropcam is well-reviewed, and well-liked by a lot of people. I can't make people care about privacy, security, device re-usability, longevity of devices, reducing e-waste, and being able to make my own decisions about how I can use my devices, but I do still care about those things. Ease of use does not require giving up consumer choice.
Why didn't you just simply return the camera once you realized there was platform lock-in? Even after using Dropcam for significant time, the largest "investment" is the content captured during the "DVR" sliding window of 7 or 30 days--which you can export and manually download in chunks. How exactly was their product "ransomware"?
"I can't make people care about privacy, security"
FWIW, I care deeply about privacy/security, even more than some here. But how how does privacy / security relate to the service lock-in. If anything, the alternate "open" model has proven to be far worse in terms of privacy and security. I used my Dropcam to monitor the exterior of my house, pointed outward from a window. I accepted the tradeoffs, accepting the potential risk of Dropcam being hacked or a rogue engineer/admin, but trusting that they understood that risk and the need for appearing to care. Now, there's currently no consumer device on the market that I'd trust to continuously capture video in all common rooms (e.g. not bath/bed) in my house--even if only streaming to an on-prem server. The only option I'm comfortable with is building my own cameras, where I have control over the os/security/patches of the cameras.
So...we're agreed, then, that you are at their mercy.
Sure, I agree that when purchasing a paired device and service offering, that you're at the mercy of that company to continue offering said service. I fully understood what I was getting when I purchased the camera, and felt that their model was worth $149. Maybe the marketing copy has changed since launch, but i fail to see how they were "unethical" or that the device is "ransomware". To be clear, I'm referring to Dropcam in 2012, not Nest.
How "out of date" can a simple webcam get? Not to the point of it not still being useful I would think. And the decision of hardware still being useful/usable should be the users choice, not the manufacturer.
I'd strongly prefer to buy from a company that promised open sourcing / releasing access keys if they sunset the product. In fact, I'll probably look for that on future purchases...
I basically say the same thing about every 'smart home' device.
I would love to be able to query my thermostat to find out when and how long it turned the heat/AC on and whatnot, but I only want it to talk to my local wifi and devices. I don't want it to use a cloud service at all for anything ever.
I don't have that option, so I don't use them.
I never thought I'd want to be in the home automation business, or the web cam business, but this kind of thing is just so offensive to me, that whenever I think about it, I want to do something.
Your revenue would come from selling increasingly inexpensive hardware and/or trying to sell your software to run in a consumer environment where you have very little control.
Very few companies can make money that way. Smartthings is backed by Samsung (800 lb gorilla). They appear to be playing a long game now because they provide cloud-backed service (for free) and cheap hardware. The strategy will very clear shift towards subscription service eventually, IMHO.
So long as the company does not go rogue and purposefully brick the devices, then the company could shutdown and the devices could still be usable. Further, other companies could provide remote management services for these devices. Being IoT devices, though, would make them still susceptible to security issues, but at least being able to use them on a segregated network could limit that from happening.
HOWEVER.... it DOES rely upon Smartthings "in the cloud". Every interaction with sensors is mediated through the cloud and if something goes wrong on their side (and it does) mayhem ensues.
FWIW, the developer platform consists of writing groovy scripts in their web-based IDE. The code runs on their servers, not your devices.
Good old PCs weren't so bad after all. You had all your data and software locally and could do whatever you wanted.
I think it was a couple years ago I finally stopped resisting and said "fuck it" - signed up for Spotify, shut the hodge podge of syncing/ home NAS solutions I was using and just got a Dropbox account.
Others outside Synology write stuff for those boxes, evidence that it's not locked down, so I suppose with enough hacking one could get a DropCam to work on a Synology box. But it would be a hell of a lot easier if Synology had a list of plug-and-play devices that they either build themselves or partner with another manufacturer. The latter is unlikely to happen, given the rent-seeking behavior we see out of manufacturers.
I think you are totally misjudging this market. To the average person, a Dropcam is empirically far more secure in practice than many alternatives have proven to be. It's certainly what I'd recommend to a friend.
A few years ago, Foscam Wifi cameras were popular with parents. You could buy one for <$100 and they worked over wifi and had no service you had to buy. But then they were hacked by the thousands with repeated major security issues over multiple years. There were numerous news reports of parents finding strangers yelling obscenities at their babies in the middle of the night using the camera's talk-back function. This happened to multiple people I knew in real life.
This led to numerous articles like this one telling parents to update passwords, disable UPnP, tweak router settings, update firmware, etc, to prevent future hacks. But to a parent who's baby was woken up in the middle of the night by a hacker, they are probably just going to throw the hacked camera in the trash.
By comparison, Dropcam is a totally integrated solution that requires no user-initiated updates, no network configuration and is backed by the reputation of Google. To the average parent that doesn't want to spend their life reading Foscam forums, that's a much more attractive solution and much less likely to get hacked due to not being updated or properly configured and secured.
Dropcam/Nest/Google produces a product that works really well right out of the box with almost zero configuration and is relatively secure. The non-cloud alternatives do not. Until someone offers a solution that "just works" like Dropcam, consumers will keep opting for the cloud-based solution.
Yes, it sucks for electronic freedom. But that's not the main feature that matters to the market.
I think there are a lot of people on HN who dont remember that just because they can easily set something up regular people can't do the same thing.
Of cause having dropbox/dropcam simplicity comes with downsides but for regular consumers its not a question between self hosting and cloud, its between having something that can do this and not having it at all.
I've owned a number of devices in this category; the first was a Panasonic Petcam, which worked great for me, for many years. It had the ability to email me videos and photos, save to arbitrary FTP storage, etc. This was over a decade ago! If they could manage all that back then, why is it so difficult now, with networking tools being so much more advanced today?
And, yeah, hype has a lot to do with it. How have products like Dropcam and Nest generated so much buzz? I guess people genuinely prefer them, and consider the user experience worth the price (both in terms of money and in terms of privacy and choice).
That is the difference between tech professionals and the general public. We care, others don't. Make it work, make it just expensive enough folks will buy it to fix their problem while you clean up, profit.
If you want things to change, it'll only happen with regulation.
That's not a justification to add data stealing features and obfuscated dependencies to a remote, probably short lived server.
We understand the nature of those features, others don't.
9/10 the answer is: absolutely nothing. In 2-3 years it'll be in a landfill, not because the hardware is obsolete, but because the firmware made it so. Landfills full of hubris.
Landfills full of unicorn poop.